Spam attack targets Olympic fans
A malicious spam campaign claims that another earthquake has struck China, adversely impacting the Olympic Games.
Samples intercepted by SophosLabs contained the subject line 'Million dead in Chinese quake', and a link to a .cn domain webpage that claims that an earthquake measuring 9.0 on the Richter scale has hit Beijing causing millions of casualties, and put the advent of 2008 Olympic Games at risk. To see additional details of the disaster, the webpage contains a link to a video: in fact, when clicked on, the link will download malware known as Nuwar-E onto the user's computer.
"The recent Chinese earthquake is still so fresh in people's minds, that many computer users won't think twice before opening this email and clicking on the link," said Carole Theriault, senior technology consultant. "We're likely to see more spam messages referencing the upcoming Olympic Games as we get nearer to the event - spammers will be hoping that computer users will be so eager to find out more that they'll forget their common sense when it comes to their emails."
This is not the first time that spammers have used Chinese domains as part of their spam campaigns, Theriault reports. Earlier this year (2008), a promotion invited people to register .cn domains for a mere one Yuan (approximately UK0.7p). Sophos experts note that such a low cost is attractive to spammers, as they can register hundreds of new domains and rotate them every few minutes during a spam run in order to bypass spam filters that use URL blocklists.
Further information: www.sophos.com